Quantum cryptography technology serves as a cross product of quantum mechanics and cryptography, its security is supported by the basic principle of the quantum mechanics, not affected by computing power and storage capacity of attackers, and therefore, is proven to have unconditional security and detectability for eavesdroppers. Although initially proposed quantum key distribution protocols (such as BB84) can detect the eavesdroppers' operation of stealing keys, the protocols do not provide any effective identity authentication mechanism.
Identity authentication is an important link for network security. Authenticity of both communication parties, integrity of messages and reliability of sources can be verified by authentication, so as to prevent an illegal party from attacking information communication such as forging and modifying information and delaying the communication. As traditional quantum key distribution protocols do not have any effective identity authentication mechanism, it is likely that the protocols are subject to middle-man attacks or Distributed Denial of Service (DDoS) attacks in a quantum key distribution process.
With respect to the foregoing problems:
(i) M. Dusek et al. believe that it is not necessary to authenticate all classic information in a communication process, it is only necessary to authenticate classic information that affects correct judgment of error rates of quantum states but not necessary to authenticate other classic information, and security will not be affected even if the classic information is modified. Therefore, M. Dusek puts forward a quantum identity authentication protocol that combines with a classic message authentication algorithm, and the essence is authenticating classic messages as few as possible with the classic authentication algorithm.
(ii) A BB84 protocol with identity authentication is used. A main difference between the protocol and the original BB84 protocol is that some bits in a quantum bit string randomly sent are set as particular authentication key bits, for example, one in every four bits in the quantum bit string being the particular authentication key bit, and its specific position is determined by an authentication key. Identity authentication of both communication parties is achieved through a measurement basis vector represented by bits of the authentication bit and a polarization state of light quantum, quantum state information of the authentication bit cannot be sent randomly but should be determined by authentication keys shared by both parties in accordance with a particular rule, and at the same time, the basic principle of the quantum mechanics is responsible for secure key distribution.
The above two proposals have the following issues:
(i) Regarding the M. Dusek solution, the number of the authentication keys shared by both communication parties in advance is limited, and thus the solution is vulnerable to middle-man attacks and DDOS attacks; moreover, the solution does not make full use of superiority of quantum but still uses a classic authentication technology, so there is a risk of being cracked.
(ii) Although the BB84 protocol with identity authentication sends shared authentication key information in a form of quantum states, which improves security of key distribution, as, in the technical solution, it is assumed that all quantum states of an authentication key of a transmitting end can be transmitted to a receiving end, the receiving end can select corresponding measurement bases for detection in accordance with a preset authentication key. If detection results are consistent, the technical solution is passed, and otherwise, the other party is considered to be illegal, and the quantum key distribution process is terminated. The solution does not take attenuation of photons in an actual transmission process into account (that is, the photons may not be necessarily transmitted to the other party, and consistency of the quantum states cannot be ensured naturally), that is to say, the technical solution does not provide fault tolerance for channel attenuation, resulting in reduction of an identity recognition rate and the quantity of quantum key distribution.